This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
| VuXML ID | Description |
|---|---|
| 86c89abf-2d91-11e9-bf3e-a4badb2f4699 | FreeBSD -- File description reference count leakProblem Description:FreeBSD 12.0 attempts to handle the case where the receiving process does not provide a sufficiently large buffer for an incoming control message containing rights. In particular, to avoid leaking the corresponding descriptors into the receiving process' descriptor table, the kernel handles the truncation case by closing descriptors referenced by the discarded message. The code which performs this operation failed to release a reference obtained on the file corresponding to a received right. This bug can be used to cause the reference counter to wrap around and free the file structure. Impact:A local user can exploit the bug to gain root privileges or escape from a jail. Discovery 2019-02-05 Entry 2019-02-11 FreeBSD-kernel ge 12.0 lt 12.0_3 CVE-2019-5596 SA-19:02.fd |